CNNVD-202601-2035 Information
CNNVD ID
CNNVD-202601-2035
Related CVE
- CNNVD Published: 2026-01-13
Description (Chinese)
Microsoft SQL Server是美国微软(Microsoft)公司的一套应用在Microsoft Windows系统下的大型商业数据库系统。 Microsoft SQL Server存在访问控制错误漏洞。攻击者利用该漏洞可以提升权限。以下产品和版本受到影响:Microsoft SQL Server 2022 for x64-based Systems (GDR),Microsoft SQL Server 2025 for x64-based Systems (GDR),Microsoft SQL Server 2022 for x64-based Systems (CU 22)。
Description (English)
Microsoft SQL Server is a large commercial database system for Microsoft (MSC) in the United States, which is applied under Microsoft Windows. Microsoft SQL Server has a bug in access control. The attackers use this loophole to enhance their authority. The following products and versions were affected: Microsoft SQL Server 2022 for x64-based Systems (GDR), Microsoft SQL Server 2025 for x64-based Systems (GDR), Microsoft SQL Server 2022 for x64-based Systems (CU 22).
Hazard Level
Medium
Vulnerability Type
访问控制错误
Affected Vendor
微软
Published
2026-01-13
Last Modified
2026-02-24
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20803
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-20803
Share on: